Oval Definition:	oval:org.opensuse.security:def:20207012
Revision Date: 2022-05-22 Version: 1 Title: CVE-2020-7012 Description: Kibana versions 6.7.0 to 6.8.8 and 7.0.0 to 7.6.2 contain a prototype pollution flaw in the Upgrade Assistant. An authenticated attacker with privileges to write to the Kibana index could insert data that would cause Kibana to execute arbitrary code. This could possibly lead to an attacker executing code with the permissions of the Kibana process on the host system. Family: unix Class: vulnerability Status: Reference(s): Mitre CVE-2020-7012 SUSE CVE-2020-7012 Platform(s): SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis Release Information SUSE OpenStack Cloud 8 is installed OR SUSE OpenStack Cloud Crowbar 8 is installed AND kibana is not affected Definition Synopsis Release Information SUSE OpenStack Cloud 9 is installed OR SUSE OpenStack Cloud Crowbar 9 is installed AND kibana is not affected Definition Synopsis SUSE OpenStack Cloud 7 is installed AND kibana is not affected
BACK